CERN IT Department CH-1211 Genève 23 Switzerland www.cern.ch/i t Windows Desktop Applications Life-cycle Management Sebastien Dellabella, Rafal Otto Internet.

Slides:



Advertisements
Similar presentations
This course is designed for system managers/administrators to better understand the SAAZ Desktop and Server Management components Students will learn.
Advertisements

WSUS Presented by: Nada Abdullah Ahmed.
The Evolution of Managing Windows Computers at CERN Ivan Deloose Internet Services Group Department of Information Technology CERN 7 April 2006 – HEPix.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
Damian Leibaschoff Support Escalation Engineer Microsoft Becky Ochs Program Manager Microsoft.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment Chapter 9: Implementing and Using Group Policy.
Maintaining and Updating Windows Server 2008
Module 6: Patches and Security Updates 1. Overview Installing Patches and Security Updates Recent patches and security updates for IIS Recent patches.
Microsoft ® Application Virtualization 4.5 Infrastructure Planning and Design Series.
CERN IT Department CH-1211 Genève 23 Switzerland IT Forum, June 2011 Software and Hardware Inventory Initiatives Computer Security Team,
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
Windows Server 2008 Chapter 11 Last Update
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW Understand the difference between service.
Group Policy in Microsoft Windows Active Directory.
Module 16: Software Maintenance Using Windows Server Update Services.
16.1 © 2004 Pearson Education, Inc. Exam Managing and Maintaining a Microsoft® Windows® Server 2003 Environment Lesson 16: Examining Software Update.
11 MAINTAINING THE OPERATING SYSTEM Chapter 5. Chapter 5: MAINTAINING THE OPERATING SYSTEM2 CHAPTER OVERVIEW  Understand the difference between service.
Deploying and Managing Software by Using Group Policy.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Web Content Management System Discussion.
CERN IT Department CH-1211 Genève 23 Switzerland t Next generation of virtual infrastructure with Hyper-V Michal Kwiatek, Juraj Sucik, Rafal.
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
11-01: Get Started with SCP Supply Chain Platform Training Presentation Updated April 2009.
Managing CERN Desktops with Systems Management Server (SMS 2003) Michel Christaller Internet Services Group Department of Information Technology CERN May.
IGEL UMS Product Marketing Manager October 2011 Florian Spatz Universal Management Suite.
70-290: MCSE Guide to Managing a Microsoft Windows Server 2003 Environment, Enhanced Chapter 9: Implementing and Using Group Policy.
IT:Network:Microsoft Server 2 Chapter 27 WINDOWS SERVER UPDATE SERVICES.
Randy Diddel A+ Certified Technician Apple Certified Associate-Mac Integration OS X ITIL Foundations v3 Mac Team Technical Support Analyst II UNM IT Workstation.
70-294: MCSE Guide to Microsoft Windows Server 2003 Active Directory Chapter 12: Deploying and Managing Software with Group Policy.
ITSRM report Erez Etzion ACCU Meeting December 9, 2009.
Module 14: Configuring Print Resources and Printing Pools.
Windows 2003 Overview Lecture 1. Windows Networking Evolution Windows for Workgroups – peer-to-peer networking built into the OS Windows NT – separate.
Module 13: Maintaining Software by Using Windows Server Update Services.
“Motivating young people to be better citizens” Keeping Your Computer “Healthy and Working” Last Updated 29 May 2012 By Athlynne Tyler.
CERN - IT Department CH-1211 Genève 23 Switzerland t CERN - IT Department CH-1211 Genève 23 Switzerland t Internet Services.
How CERN reacted to the Blaster and Sobig virus attack Christian Boissat, Alberto Pace, Andreas Wagner.
Installing Windows Vista Lesson 2. Skills Matrix Technology SkillObjective DomainObjective # Performing a Clean Installation Set up Windows Vista as the.
CERN IT Department CH-1211 Genève 23 Switzerland t Experience with Windows Vista at CERN Rafal Otto Internet Services Group IT Department.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Make the most of Office 2010, Expression.
Managing User Desktops with Group Policy
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Cross Platform Browser Support Tim Bell 15.
SMS 2003 Deployment and Managing Windows Security Rafal Otto Internet Services Group Department of Information Technology CERN 26 May 2016.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Working with Windows 7 at CERN Michał Budzowski.
CERN IT Department CH-1211 Genève 23 Switzerland t ITIL at CERN Tony Cass HEPiX LBL, 29 th October 2009.
Simplifying the Configuration of Student Laptops — StirlingVPNSetup Simon Booth University of Stirling Laptop Forum 27th June 2006.
Status of Windows 2000 deployment at CERN Alberto Pace, for the IT/IS group - April 2002
NiceFC and CMF Introduction Ivan Deloose IT-IS Custom Windows Services for Controls Applications.
Module 13: Designing Print Services in Windows Server 2008.
Operating Systems & Information Services CERN IT Department CH-1211 Geneva 23 Switzerland t OIS Update on Windows 7 at CERN & Remote Desktop.
VMWare Workstation Installation. Starting Vmware Workstation Go to the start menu and start the VMware Workstation program. *Note: The following instructions.
Module 4 Planning for Group Policy. Module Overview Planning Group Policy Application Planning Group Policy Processing Planning the Management of Group.
Rob Davidson, Partner Technology Specialist Microsoft Management Servers: Using management to stay secure.
11 IMPLEMENTING AND MANAGING SOFTWARE UPDATE SERVICES Chapter 7.
Printing at CERN Rafal Otto, Juraj Sucik, CERN IT Department CHEP 2007 International Conference on Computing.
CERN IT Department CH-1211 Genève 23 Switzerland t Unified communications: Lync as your desk phone Fernando Moreno Pascual – IT/OIS.
Benjamin Naden Windows Client Group Manager, Microsoft Singapore.
T4L – NSW DET SOE NSW DET SOE SOE was developed in open consultation with TAFE, Schools, Other personnel Developed to provide single BASE image.
CERN IT Department CH-1211 Genève 23 Switzerland t Migration from ELFMs to Agile Infrastructure CERN, IT Department.
Internet Explorer 7 Updated Advice for the NHS 04 February 2008 Version 1.3.
Vulnerabilities in Operating Systems Michael Gaydeski COSC December 2008.
CERN - IT Department CH-1211 Genève 23 Switzerland t CERN - IT Department CH-1211 Genève 23 Switzerland t Windows Vista and.
Managed by UT-Battelle for the Department of Energy System Center Configuration Manager at ORNL National Laboratories Information Technology Summit 2008.
Maintaining and Updating Windows Server 2008 Lesson 8.
Managing User Desktops with Group Policy
Lesson 19: Configuring and Managing Updates
Windows 7 deployment at CERN
Automated Update System
CERN Windows Roadmap Tim Bell 8th June 2011.
You have Flash installed on your computer.
You have Flash installed on your computer.
Presentation transcript:

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management Sebastien Dellabella, Rafal Otto Internet Services Group IT Department

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 2 Agenda Components of the Windows application management activity at CERN –Application pool –Deployment tools –Monitoring tools –Managing updates and communicating with the users community Case Studies –Acrobat Reader : responding to vulnerability disclosures –Microsoft Office : follow up of the product evolution –Java : how to manage unmanaged?

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 3 Overview Snapshot of the environment –~ 6000 managed Windows machines 95% of Windows XP Sp2 5% of Windows Vista –~40 different sets of computers Having different sets of applications “Local administrators” can manage them using a delegation mechanism –Typical managed computers have access to 20 core applications ~100 applications are available “on demand” In addition: updates, service packs or patches

CERN IT Department CH-1211 Genève 23 Switzerland t Application Support Levels Examples Windows Desktop Applications Life-cycle Management - 4 InstallationUsageForced Updates Optional Updates Notifications Microsoft Office XXX Hummingbird Exceed XXX Adobe Flash Player XX Sun Java XXX Apple QuickTime X

CERN IT Department CH-1211 Genève 23 Switzerland t Application Support Levels Examples Windows Desktop Applications Life-cycle Management - 5 InstallationUsageForced Updates Optional Updates Notifications Monitoring Microsoft Office XXXX Hummingbird Exceed XXXX Adobe Flash Player XXX Sun Java XXXX Apple QuickTime XX

CERN IT Department CH-1211 Genève 23 Switzerland t Processes and Tools Windows Desktop Applications Life-cycle Management - 6 Deployment CMF Group Policy Monitoring CMF Inventory Antivirus Stats Security and Editors Websites Users feedback Reacting Upgrade Uninstall Block Warn users

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 7 Deployment Tools CMF: Computer Management Framework –Application deployment system used at CERN Address requirements of Control community in context of CNIC More flexible than previously used solution (especially for delegation) –Used to deploy all applications at CERN Group Policies –Used to deploy all settings and preferences –CMF client is deployed using Group Policies

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 8 Monitoring Tools Key components of our monitoring activity CMF Inventory Statistics Websites Users Feedback Monitoring

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 9 Monitoring Tools Key components of our monitoring activity CMF Inventory Statistics Websites Users Feedback Monitoring

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 10 Monitoring Tools Key components of our monitoring activity CMF Inventory Statistics Websites Users Feedback Monitoring

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 11 Monitoring Tools Key components of our monitoring activity CMF Inventory Statistics Websites Users Feedback Monitoring

CERN IT Department CH-1211 Genève 23 Switzerland t Monitoring Tools Statistics Windows Desktop Applications Life-cycle Management - 12

CERN IT Department CH-1211 Genève 23 Switzerland t Monitoring Tools Statistics (2) Windows Desktop Applications Life-cycle Management - 13

CERN IT Department CH-1211 Genève 23 Switzerland t Reacting Windows Desktop Applications Life-cycle Management - 14 Upgrade smoothly: –We group mandatory updates every month –Optional updates may be published anytime –Progressive deployment Send alert and/or schedule update: –If an exploit is in the wild for a monitored software (i.e. Java) Block an installed software: –If a vulnerability is widely exploited and no update available SEVERITYSEVERITY

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 15 Agenda Components of the Windows application management activity at CERN –Application pool –Deployment tools –Monitoring tools –Managing updates and communicating with the users community Case Studies –Acrobat Reader : responding to vulnerability disclosures –Microsoft Office : follow up of the product evolution –Java : how to manage unmanaged?

CERN IT Department CH-1211 Genève 23 Switzerland t Case Studies Acrobat Reader: Reacting to vulnerabilities Windows Desktop Applications Life-cycle Management - 16 Deployment –Supported application preinstalled on each Windows computer by default Monitoring –Arbitration to stay with version and being able to upgrade to version 8.0 if required. Version was working fine but: –4 critical vulnerabilities since Version 8.0 solved vulnerabilities but: –Printing problem with version > –Only first page of the document printed when Postscript driver used Reacting –Decided to upgrade to version 8 at the end of 2007 Migrate Postscript drivers to PCL first

CERN IT Department CH-1211 Genève 23 Switzerland t Case Studies Microsoft Office (in 2007): Product evolution Windows Desktop Applications Life-cycle Management - 17 Deployment at CERN (2007) –Office 2003 as default Office suite preinstalled on each new computer –Office XP still supported and installed widely at CERN Monitoring –Microsoft released Office 2007 ( ) –Big change in functionality –Suitable only for powerful computers (> 1GB of memory) –Increasing user demands for the new version “Wild” installations started to appear Reacting –In order to limit number of supported Office suites –Office 2007 deployment combined with Office XP phase out –Package for Office 2007 has been prepared and optional upgrade announced –New training courses were organized –After some time ( ) Office 2007 became the default Office suite preinstalled on all computers having at least 1 GB of RAM

CERN IT Department CH-1211 Genève 23 Switzerland t Windows Desktop Applications Life-cycle Management - 18 Deployment at CERN (2008) –Office 2007 default Office suite on new computers ( ) –Office 2003 SP2 installed on 80% of computers Monitoring –Microsoft releases monthly security patches –Microsoft released Office 2003 SP3 and Office 2007 SP1 ( ) Reacting –Gradual deployment of Service Packs on centrally managed computers –Updates proposed to “local administrators” to schedule them according to their needs Case Studies Microsoft Office (in 2008): Product evolution

CERN IT Department CH-1211 Genève 23 Switzerland t Case Studies Microsoft Office (in 2008): Follow-up evolution Deployment progression of MS Office Windows Desktop Applications Life-cycle Management - 19

CERN IT Department CH-1211 Genève 23 Switzerland t Case Studies Sun Java: manage the unmanaged Windows Desktop Applications Life-cycle Management - 20 Deployment –Three branches of Java are packaged by us and made available for installation (1.4.x, 1.5.x and 1.6.x) Monitoring –Computers very often have multiple versions of Java installed –We cannot force updates Many critical experiment applications require a particular version of Java –Vulnerabilities are disclosed almost every month! Reacting –Packages for each new version are created – notifications are sent automatically to owners of vulnerable computers – notifications are sent automatically to “local administrators” encouraging them to deploy new packages

CERN IT Department CH-1211 Genève 23 Switzerland t Mail sent to “Local administrators” Windows Desktop Applications Life-cycle Management - 21 Case Studies Sun Java: manage the unmanaged

CERN IT Department CH-1211 Genève 23 Switzerland t Mail sent to computer’s owners Windows Desktop Applications Life-cycle Management - 22 Case Studies Sun Java: manage the unmanaged

CERN IT Department CH-1211 Genève 23 Switzerland t Summary Application lifecycle management –Application monitoring activity increased over the years Statistics, Websites, RSS Feeds, etc. Monitoring is now focused on security rather than application improvement. –Deployment is easier Packaging technologies are now mature –Our tools allow us to react fast and with modularity Making a package and deploying it CERN wide is possible in 30min ! Presentation title - 23

CERN IT Department CH-1211 Genève 23 Switzerland t Questions ? Presentation title - 24

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.